backport of commit 698c39f (#21088)

Co-authored-by: Jason O'Donnell <[email protected]>

website/content/docs/upgrading/upgrade-to-1.12.x.mdx

@@ -199,3 +199,17 @@ vault write auth/ldap/config max_page_size=-1
 #### Impacted Versions
 
 Affects Vault 1.12.6.
+
+### Slow Startup Time When Storing PKI Certificates 
+
+There was a regression introduced in 1.12.0 where Vault is slow to start because the 
+PKI secret engine performs a list operation on the stored certificates. If a large number 
+of certificates are stored this can cause long start times on active and standby nodes.
+
+There is currently no workaround for this other than limiting the number of certificates stored
+in Vault via the [PKI tidy](/vault/api-docs/secret/pki.mdx#tidy) or using `no_store`
+flag for [PKI roles](/vault/api-docs/secret/pki.mdx#createupdate-role).
+
+#### Impacted Versions
+
+Affects Vault 1.12.0+

website/content/docs/upgrading/upgrade-to-1.13.x.mdx

@@ -141,3 +141,17 @@ Affects Vault 1.13.0 to 1.13.2. Fixed in 1.13.3.
 On upgrade, all local revocations will be synchronized between
 clusters; revocation requests are not persisted when failing to
 write cross-cluster.
+
+### Slow Startup Time When Storing PKI Certificates 
+
+There was a regression introduced in 1.13.0 where Vault is slow to start because the
+PKI secret engine performs a list operation on the stored certificates. If a large number
+of certificates are stored this can cause long start times on active and standby nodes.
+
+There is currently no workaround for this other than limiting the number of certificates stored 
+in Vault via the [PKI tidy](/vault/api-docs/secret/pki.mdx#tidy) or using `no_store` 
+flag for [PKI roles](/vault/api-docs/secret/pki.mdx#createupdate-role).
+
+#### Impacted Versions
+
+Affects Vault 1.13.0+